Do you ever receive an incoming call on your cell phone only to see it’s coming from a “Scam Likely”? Robocalls, or automated phone calls usually for scam or spam purposes, have risen to approximately 85 billion calls worldwide in 2018 according to the Hiya Global Robocall Radar Report. Hiya, a Seattle-founded company that detects caller ID information to filter unwanted calls, found on average that ten percent of incoming calls were classified as nuisance or fraudulent, with seven spam calls monthly on average for each Hiya user in the United States. Given these numbers reflect Hiya users, the true number of robocalls per person may in fact be higher.
According to the Hiya report, one of the top types of robocalls in the United States is the Internal Revenue Service (“IRS”) Scam, in which the scam caller falsely impersonates or plays a recording of an IRS employee threatening an unsuspecting taxpayer of late or missing payments. According to a June 2019 IRS news release, “[c]riminals can fake or ‘spoof’ caller ID numbers to appear to be anywhere in the country, including from an IRS office.” The Federal Trade Commission (“FTC”) states that it “continues to bring enforcement actions against robocallers and has already stopped people responsible for billions of robocalls,” but the FTC only has ten cases listed on its list of cases tagged with “Robocall” since 2010. In addition, the Federal Communications Commission (“FCC”) adopted rules in November 2017 that allowed phone companies to “proactively block” robocalls that “appear to be from telephone numbers that do not or cannot make outgoing calls.” However, the FCC reports that some private studies estimated almost 4 billion robocalls per month in 2018.
So how can we stop receiving these unwanted scam calls? Unfortunately, adding your number to the National Do Not Call Registry is unhelpful in stopping illegal scam calls. This registry alerts lawful telemarketers which phone numbers they should not call for sales pitches, but it does nothing to stop fraudulent scam artists already intending to deceive consumers. In June 2019, the FCC specifically addressed scammers who “spoof”, or mimic real numbers to deceive consumers, and illegal callers who do not spoof caller ID and ruled that phone companies can offer opt-out call-blocking services instead of requiring consumers to opt-in. Subsequently in August 2019, phone companies and every state’s attorney general convened to issue anti-robocall principles to strengthen cooperation between the phone companies who have direct control over the outgoing calls and the attorneys general who can implement laws and policies over them.
More specifically, Principle #2 calls for implementation of STIR/SHAKEN. Far from a mixology term, STIR stands for Secure Telephone Identity Revisited, the technology that adds cryptographic signatures to signaling requests, which should prevent a scam caller from providing a spoof number to the unsuspecting recipient. SHAKEN stands for Signature Handling of Asserted information using toKENs, which the principles define as an industry standard on how phone companies should implement STIR. Together, these standards and procedures should allow phone companies to verify outgoing calls with a secure certificate that can also be validated on the recipient’s end. In tandem with Principle #7 that requires traceback cooperation that can detect the provider and user who made a potentially illegal call, giving phone companies wide latitude to track and cut the scam calls from their source would be the most efficient strategy, rather than overcoming collective action problems of having each consumer report a complaint after the scam has already occurred. Only time will tell if these principles effectively curtail annoying robocalls, or if the principles themselves end up becoming a spoof.
*Carlino Mark Natividad is an Associate Editor on the Michigan Technology Law Review.